[CS-FSLUG] New 25-GPU Monster Devours Strong Passwords In Minutes
Fred A. Miller
fmiller at lightlink.com
Fri Dec 7 09:16:22 CST 2012
New 25-GPU Monster Devours Strong Passwords In Minutes
<http://rss.slashdot.org/%7Er/slashdot/eqWf/%7E3/cC50oUE-O1A/story01.htm>
via Slashdot <http://slashdot.org/> by Soulskill on 12/5/12
chicksdaddy writes "A presentation at the Passwords^12 Conference in
Oslo, Norway (slides), has moved the goalposts on password cracking yet
again. Speaking on Monday, researcher Jeremi Gosney (a.k.a epixoip)
demonstrated a rig that leveraged the Open Computing Language (OpenCL)
framework and a technology known as Virtual Open Cluster (VCL) to run
the HashCat password cracking program across a cluster of five, 4U
servers equipped with 25 AMD Radeon GPUs communicating at 10 Gbps and 20
Gbps over Infiniband switched fabric. Gosney's system elevates password
cracking to the next level, and effectively renders even the strongest
passwords protected with weaker encryption algorithms, like Microsoft's
LM and NTLM, obsolete. In a test, the researcher's system was able to
generate 348 billion NTLM password hash checks per second. That renders
even the most secure password vulnerable to compute-intensive brute
force and wordlist (or dictionary) attacks. A 14 character Windows XP
password hashed using LM for example, would fall in just six minutes,
said Per Thorsheim, organizer of the Passwords^12 Conference. For some
context: In June, Poul-Henning Kamp, creator of the md5crypt() function
used by FreeBSD and other, Linux-based operating systems, was forced to
acknowledge that the hashing function is no longer suitable for
production use --- a victim of GPU-powered systems that could perform
'close to 1 million checks per second on COTS (commercial off the shelf)
GPU hardware,' he wrote. Gosney's cluster cranks out more than 77
million brute force attempts per second against MD5crypt."
<http://twitter.com/home?status=New+25-GPU+Monster+Devours+Strong+Passwords+In+Minutes%3A+http%3A%2F%2Fbit.ly%2FTOL1U6>Read
more of this story
<http://it.slashdot.org/story/12/12/05/0623215/new-25-gpu-monster-devours-strong-passwords-in-minutes?utm_source=rss1.0moreanon&utm_medium=feed>
at Slashdot.
--
Islam is a VERY backward religion, that MUST keep it's masses not only
in subjugation, but ignorant and maintain a feudal state that is always
at war, looking to take over the spoils of all other societies. It is by
nature destructive and not constructive. The Q'oran is based on distortions
of the Bible, lies, paganism, racism, hate, contradictions, and ignorance,
with a good dose of stupidity thrown in for good measure. -Fred A. Miller
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ofb.biz/pipermail/christiansource_ofb.biz/attachments/20121207/16c64daf/attachment.htm>
More information about the Christiansource
mailing list